join.worldoftanks.com Open in urlscan Pro
92.223.51.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28909310-28255-ex.hydramaterrep.com/jCBPDI00NArgZtczvVvMJyNPktkRvoHRdvsFPM6VTMwcNs7A9d0ApsqJUdQ1LdHNwtlUI6Z5h_m9euuzHOKnYBaKm66lu7iK...
Effective URL:
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid...
Submission: On December 19 via api (December 19th 2024, 6:18:07 am UTC) from US — Scanned from US

Summary HTTP 64 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 19 domains to perform 64 HTTP transactions. The main IP is 92.223.51.163, located in Luxembourg, Luxembourg and belongs to GCORE G-Core Labs S.A., LU. The main domain is join.worldoftanks.com. The Cisco Umbrella rank of the primary domain is 446886.
TLS certificate: Issued by R11 on November 24th 2024. Valid for: 3 months.

This is the only time join.worldoftanks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	88.208.22.3 88.208.22.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
2	45.13.225.41 45.13.225.41	58087 (FlorianKo...) (FlorianKolb Florian Kolb)
2 14	104.18.22.222 104.18.22.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.169.157 172.67.169.157	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	49.51.78.191 49.51.78.191	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1 1	35.204.130.99 35.204.130.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.204.100.195 35.204.100.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a03:90c0:81:... 2a03:90c0:81:2102::230	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
2	92.223.51.163 92.223.51.163	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
12	2a03:90c0:999... 2a03:90c0:9996::9996	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
16	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.176.195 142.250.176.195	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	92.223.21.23 92.223.21.23	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
2	142.251.32.100 142.251.32.100	15169 (GOOGLE) (GOOGLE)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
64	17

1 88.208.22.3 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
PTR: mail.armadaboard.com

28909310-28255-ex.hydramaterrep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.13.225.41 (Germany)

ASN58087 (FlorianKolb Florian Kolb, DE)
PTR: 41.225.13.45.in-addr.arpa

redwingshere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.22.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

meherdewogoud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.169.157 (United States)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.51.78.191 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

paychat.fuse-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.130.99 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.130.204.35.bc.googleusercontent.com

track.wargaming-aff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.100.195 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.100.204.35.bc.googleusercontent.com

track.wg-aff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:81:2102::230 (Luxembourg, Luxembourg) 1 redirects

ASN199524 (GCORE G-Core Labs S.A., LU)

trck.wargaming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.223.51.163 (Luxembourg, Luxembourg)

ASN199524 (GCORE G-Core Labs S.A., LU)

join.worldoftanks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE G-Core Labs S.A., LU)

lms-static.wgcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2wotcom.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.21.23 (Luxembourg, Luxembourg)

ASN199524 (GCORE G-Core Labs S.A., LU)

tenor.wargaming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	172 KB
14	meherdewogoud.com 2 redirects meherdewogoud.com — Cisco Umbrella Rank: 237439	33 KB
11	wgcdn.co lms-static.wgcdn.co — Cisco Umbrella Rank: 402648	521 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	380 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182	3 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com Failed	64 B
2	worldoftanks.com join.worldoftanks.com — Cisco Umbrella Rank: 446886	16 KB
2	wargaming.net 1 redirects trck.wargaming.net — Cisco Umbrella Rank: 218369 tenor.wargaming.net — Cisco Umbrella Rank: 237501	7 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	redwingshere.xyz redwingshere.xyz — Cisco Umbrella Rank: 220818	911 B
1	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625	162 B
1	gstatic.com fonts.gstatic.com	50 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	315 B
1	gcdn.co cdn2wotcom.gcdn.co — Cisco Umbrella Rank: 580259	7 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	107 KB
1	wg-aff.com 1 redirects track.wg-aff.com	339 B
1	wargaming-aff.com track.wargaming-aff.com — Cisco Umbrella Rank: 258113 Failed	152 B
1	fuse-cloud.com paychat.fuse-cloud.com — Cisco Umbrella Rank: 740991	1 KB
1	hydramaterrep.com 1 redirects 28909310-28255-ex.hydramaterrep.com	557 B
64	19

	Domain	Requested by
16	cdn.cookielaw.org	join.worldoftanks.com cdn.cookielaw.org
14	meherdewogoud.com	2 redirects meherdewogoud.com
11	lms-static.wgcdn.co	join.worldoftanks.com
4	www.googletagmanager.com	join.worldoftanks.com www.googletagmanager.com
2	www.google.com	www.googletagmanager.com join.worldoftanks.com
2	join.worldoftanks.com	redwingshere.xyz
2	my.rtmark.net	meherdewogoud.com
2	redwingshere.xyz
1	td.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	tenor.wargaming.net	redwingshere.xyz tenor.wargaming.net
1	www.clarity.ms	redwingshere.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn2wotcom.gcdn.co	join.worldoftanks.com
1	fonts.googleapis.com	join.worldoftanks.com
1	trck.wargaming.net	1 redirects
1	track.wg-aff.com	1 redirects
1	track.wargaming-aff.com	paychat.fuse-cloud.com
1	paychat.fuse-cloud.com
1	28909310-28255-ex.hydramaterrep.com	1 redirects
0	adservice.google.com Failed	join.worldoftanks.com
64	22

This site contains links to these domains. Also see Links.

Domain
na.wargaming.net
legal.na.wargaming.net
legal.eu.wargaming.net
wargaming.net
www.esrb.org
wargaming.com
www.onetrust.com

Subject Issuer	Validity	Valid
redwingshere.xyz E6	`2024-12-07` - `2025-03-07`	3 months	crt.sh
meherdewogoud.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
*.fuse-cloud.com Thawte TLS RSA CA G1	`2024-05-10` - `2025-05-18`	a year	crt.sh
*.worldoftanks.com R11	`2024-11-24` - `2025-02-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.wgcdn.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-18` - `2025-04-18`	a year	crt.sh
cookielaw.org WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.wargaming.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-25` - `2025-08-11`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Frame ID: 9E49D4A479A6827BF69B9B58E6A00D4B
Requests: 62 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fjoin.worldoftanks.com
Frame ID: 8B6E81B93DDE15FF4BF2108609C0C0E8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1006839708?random=1734589084345&cv=11&fst=1734589084345&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v877323342z8831514219za201zb831514219&gcd=13v3v3v3v5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fjoin.worldoftanks.com%2F1600950461%2Fen_us%2F%3Ft%3D1%26pub_id%3D45%26xid%3D6763ba9a4a4db000015eeae1%26xid_param1%3D2443%26xid_param_2%3D114%26sid%3DSIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh%26enctid%3Dd6fgifza5c76%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D0%26teclient%3D1734589083038485360%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dq3y24x3t%26utm_content%3D45&hn=www.googleadservices.com&frm=0&tiba=World%20of%20Tanks%E2%80%94Free-to-Play%20Tank%20Action%20MMO.%20Download%20now%20and%20play%20for%20free!&npa=0&pscdl=noapi&auid=230534176.1734589084&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 471D1DA916F389A7264D91837F4B5211
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

World of Tanks—Free-to-Play Tank Action MMO. Download now and play for free!

Page URL History Show full URLs

https://28909310-28255-ex.hydramaterrep.com/jCBPDI00NArgZtczvVvMJyNPktkRvoHRdvsFPM6VTMwcNs7A9d0ApsqJUdQ1LdHNwtlUI6Z5h_m9... HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2 Page URL
https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x Page URL
https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780 HTTP 307
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780 Page URL
https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734589081103611&sub1=1108&s... HTTP 302
https://track.wg-aff.com/click?pid=45&offer_id=23&sub1=2443&sub2=114 HTTP 302
https://trck.wargaming.net/q3y24x3t/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_par... HTTP 301
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

64
Requests

94 %
HTTPS

40 %
IPv6

19
Domains

22
Subdomains

17
IPs

5
Countries

8796 kB
Transfer

11043 kB
Size

15
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://na.wargaming.net/registration/en/?game=wot&style=dark&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh
Title: PLAY NOW ON PC

Search URL Search Domain Scan URL

URL: https://na.wargaming.net/support/en/products/wot/
Title: PLAYER SUPPORT

Search URL Search Domain Scan URL

URL: https://legal.na.wargaming.net/en/eula/
Title: EULA

Search URL Search Domain Scan URL

URL: https://legal.eu.wargaming.net/en/privacy-policy/
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://wargaming.net/

Search URL Search Domain Scan URL

URL: http://www.esrb.org/

Search URL Search Domain Scan URL

URL: https://wargaming.com/en/ccpa/
Title: DO NOT SELL OR SHARE MY PERSONAL INFORMATION

Search URL Search Domain Scan URL

URL: https://legal.na.wargaming.net/en/privacy-policy/?_gl=1*pl5bsw*_gcl_au*MTc4OTAyMjEyOS4xNjg5NzgyNzA1*_ga*MTQ5MTc2NTgyNS4xNjg5NzgyNzA2*_ga_BWRKLL4HR5*MTY5MDE5OTA5Mi40LjAuMTY5MDE5OTA5Mi4wLjAuMA..&_ga=2.21820723.921589822.1690186137-326298036.1689782706#optout
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://legal.na.wargaming.net/en/privacy-policy/
Title: Our Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28909310-28255-ex.hydramaterrep.com/jCBPDI00NArgZtczvVvMJyNPktkRvoHRdvsFPM6VTMwcNs7A9d0ApsqJUdQ1LdHNwtlUI6Z5h_m9euuzHOKnYBaKm66lu7iKdQEfS7pOjPlOue8kCXaBnqqQcf0cbg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Foutletpic.com%2FdOLFUPdMm4w4qPkXZbB2eol1bPdcgtaIMA.php&referer=https...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId} Page URL
https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2 Page URL
https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x Page URL
https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780 HTTP 307
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780 Page URL
https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734589081103611&sub1=1108&sub2=6118780&sub3= HTTP 302
https://track.wg-aff.com/click?pid=45&offer_id=23&sub1=2443&sub2=114 HTTP 302
https://trck.wargaming.net/q3y24x3t/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114 HTTP 301
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://28909310-28255-ex.hydramaterrep.com/jCBPDI00NArgZtczvVvMJyNPktkRvoHRdvsFPM6VTMwcNs7A9d0ApsqJUdQ1LdHNwtlUI6Z5h_m9euuzHOKnYBaKm66lu7iKdQEfS7pOjPlOue8kCXaBnqqQcf0cbg?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Foutletpic.com%2FdOLFUPdMm4w4qPkXZbB2eol1bPdcgtaIMA.php&referer=https...%20312%20...se%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
https://redwingshere.xyz/go/8286/3?subid2={hostId}

Request Chain 8

https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false HTTP 302
https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Request Chain 15

https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780 HTTP 307
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780

Request Chain 58

https://ad.doubleclick.net/ddm/activity/src=9547698;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=q3y24x3t;u6=1734589083038485360;u7=undefined;match_id=1734589083038485360;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1623914361 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9547698;dc_pre=COGU7PGXs4oDFZQ20AQdOXsXEQ;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=q3y24x3t;u6=1734589083038485360;u7=undefined;match_id=1734589083038485360;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1623914361 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9547698;dc_pre=COGU7PGXs4oDFZQ20AQdOXsXEQ;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=q3y24x3t;u6=1734589083038485360;u7=undefined;match_id=1734589083038485360;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1623914361

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

3 Show response
redwingshere.xyz/go/8286/
Redirect Chain

https://28909310-28255-ex.hydramaterrep.com/jCBPDI00NArgZtczvVvMJyNPktkRvoHRdvsFPM6VTMwcNs7A9d0ApsqJUdQ1LdHNwtlUI6Z5h_m9euuzHOKnYBaKm66lu7iKdQEfS7pOjPlOue8kCXaBnqqQcf0cbg?kws=&abl=0&fsb=0&pageUri=h...
https://redwingshere.xyz/go/8286/3?subid2={hostId}

293 B
757 B

477ms
179ms

Document
text/html

45.13.225.41
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 41.225.13.45.in-addr.arpa
Software: nginx /
Resource Hash: a6c0439d38349563c61e19608822e8280093fc260d0be172f3c12a05e06797c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: identity
Content-Length: 293
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Dec 2024 06:17:59 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 19 Dec 2024 06:17:59 GMT
Pragma: no-cache
Server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 19 Dec 2024 06:17:58 GMT
expires: Thu, 19 Dec 2024 06:17:58 UTC
last-modified: Thu, 19 Dec 2024 06:17:58 UTC
location: https://redwingshere.xyz/go/8286/3?subid2={hostId}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: no-referrer
server: nginx

GET
H2 200 7482447 Show response
meherdewogoud.com/4/ 31 KB
14 KB 226ms
152ms Document
text/html 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce762ed6405e24fc41de0ca14865a3f634da785c531f9ee70b8d0bc7425ac41

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f4545d2ff55b3cd-MIA
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 19 Dec 2024 06:17:59 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H/1.1 200
OK favicon.ico
redwingshere.xyz/ 0
154 B 156ms
155ms Other
text/html 45.13.225.41
FlorianKolb Flori...

General

Check archive.org

Show headers Download Go to

Full URL: https://redwingshere.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.13.225.41 , Germany, ASN58087 (FlorianKolb Florian Kolb, DE),
Reverse DNS: 41.225.13.45.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Date: Thu, 19 Dec 2024 06:17:59 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx
Connection: keep-alive

GET
H3 200 img.gif
my.rtmark.net/ 43 B
881 B 189ms
153ms Image
image/gif 172.67.169.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0081377f688e48d3f0b2b298c0146a5b&z=7482447&p_rid=d7ffae34-16d3-48db-909e-21c2723f4b8b&p_src=sf

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CY2PzGSAfDEksCK4Z6%2FL%2Fgdcb3f8qbvl%2FggIHyCqjj%2B21ZTi5YuD0gVEpb0qGSyuG340%2FWooQ%2BjxCB3IkktN%2FcnQ9W24oTEsEfr4D7FMhsesU5HeFg5XzViFg50ydXW4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30174&min_rtt=30094&rtt_var=4890&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4118&recv_bytes=4524&delivery_rate=503&cwnd=12000&unsent_bytes=0&cid=f41c228cce7d8392&ts=157&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 06:17:59 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f4545d45adf09ce-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
meherdewogoud.com/ 43 B
152 B 146ms
145ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meherdewogoud.com/sftouch?userId=0081377f688e48d3f0b2b298c0146a5b&z=7482447&p_rid=d7ffae34-16d3-48db-909e-21c2723f4b8b&p_src=sf&branchId=0&rb=1MXfvmWirJZsyoM7aoPkBWpFIBzbt4kW1T_RC19QLphcphraqDKmmGAwnk2v_4FAbzjmijtAEcazQR0jFhHUWjC2Fijjx0O51eRPsicAhkcf08NAgrQm5hElXE8IFP8dDHj-sXyUhZTFNKvgYRP91rWdx19bzNEiWCctCJH_2fBmd3LMduVTkQVf0ImjmPzm_YEIeVeL8LhsS2LgIXZGNKINEHYJ0608tpXyGa-7TXxtzp0TqJJcM2D1FfcnYF1B7Um2tDMcsXiKlQ4YO7StUGOE14Zy9JcLgKjfW4QP8kBfJackU8-6Fl27OYiYVHqdJdFoS0rZuRXLzwMAwBJFCQ==&w_img=1

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 06:17:59 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 7f56e036741eb122fe736c5d88fdf616
cf-ray: 8f4545d4282ab3cd-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
meherdewogoud.com/log/ 12 B
336 B 151ms
150ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d7ffae34-16d3-48db-909e-21c2723f4b8b

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:17:59 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f4545d46d59099e-MIA
access-control-allow-origin: https://meherdewogoud.com
content-length: 12
server: cloudflare

POST
H3 200 add Show response
meherdewogoud.com/async_log/ 0
328 B 146ms
145ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d7ffae34-16d3-48db-909e-21c2723f4b8b

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f4545d46d5e099e-MIA
access-control-allow-origin: https://meherdewogoud.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:17:59 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
212 B 39ms
38ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1967926
cf-ray: 8f4545d56dce099e-MIA
expires: Sun, 17 Dec 2034 06:17:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:17:59 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

6118780 Show response
meherdewogoud.com/4/
Redirect Chain

https://meherdewogoud.com/?z=7482447&syncedCookie=true&rhd=false
https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

31 KB
14 KB

259ms
258ms

Document
text/html

104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c70bd09be780c91afd1e70512bccf4787003f3de76cf2ed8f7d45fa6356e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://meherdewogoud.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f4545d6ae5f099e-MIA
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 19 Dec 2024 06:18:00 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://meherdewogoud.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f4545d59de7099e-MIA
content-length: 0
date: Thu, 19 Dec 2024 06:18:00 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://meherdewogoud.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: d6e8cf612aa768a32bfc9922f887e61e

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
0 6ms
6ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1967926
cf-ray: 8f4545d56dce099e-MIA
expires: Sun, 17 Dec 2034 06:17:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:17:59 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 sftouch
meherdewogoud.com/ 43 B
562 B 150ms
149ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meherdewogoud.com/sftouch?userId=00813771325e4218ea821d988445cf9d&z=6118780&p_rid=1ce44232-f7fd-4fc9-b148-3ecd6839e141&p_src=sf&branchId=0&rb=nGX0VPR7-hT6cUR1C6TfTmWQRDTLDKNm509NZlWE8D_QfXeJ3IewZIB1ixn1JrIvuuOy3qHtJelMGTabifcbmNa5Bjc7wxCLDjiyKCA6JRaL7CYwY94k5ByN5nt0PIy1NJPgDl20QU495modc7SiQ-OGBy2ru0CN4blwxjdbOH4WTaZDLYl0O7wgl-EE1Inpc3kzaBRvQXGp5FAAjsWKSvfRE3YMAdKPxjniy8h3YQ1ayX3p2M09GLBBEBQzwJQu9CzPXuzGeJ5eV4AQKNwVY_kbfHlbHM78tBA4YAy47zUAlt4xDJGcpA==&w_img=1

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:18:00 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: b3f3e0281108dd39fb371726c3abf9c1
cf-ray: 8f4545d86f5f099e-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
meherdewogoud.com/log/ 12 B
336 B 149ms
147ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1ce44232-f7fd-4fc9-b148-3ecd6839e141

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:18:00 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f4545d89f77099e-MIA
access-control-allow-origin: https://meherdewogoud.com
content-length: 12
server: cloudflare

GET
H3 200 img.gif
my.rtmark.net/ 43 B
843 B 153ms
153ms Image
image/gif 172.67.169.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00813771325e4218ea821d988445cf9d&z=6118780&p_rid=1ce44232-f7fd-4fc9-b148-3ecd6839e141&p_src=sf

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrzAcBzdrR1HnIKjRK%2BhTCB2R0ObrpvWnQvGQmgyX3qXPK8jU5H1agh6ysEUnYJ%2BB34MVMKWr3I7gu8zXyFerJvdxWtOeqoKUSOXk3DyB%2Fgo1QzFOo65Tfrxa56KvHTh"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30325&min_rtt=30094&rtt_var=3969&sent=13&recv=12&lost=0&retrans=0&sent_bytes=5046&recv_bytes=5007&delivery_rate=16033&cwnd=12000&unsent_bytes=0&cid=f41c228cce7d8392&ts=835&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 06:18:00 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f4545d89cc609ce-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
meherdewogoud.com/async_log/ 0
292 B 150ms
149ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meherdewogoud.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=1ce44232-f7fd-4fc9-b148-3ecd6839e141

Requested by

Host: meherdewogoud.com
URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f4545d89f7b099e-MIA
access-control-allow-origin: https://meherdewogoud.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:18:00 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1967926
cf-ray: 8f4545d56dce099e-MIA
expires: Sun, 17 Dec 2034 06:17:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:17:59 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2

200

tl Show response
paychat.fuse-cloud.com/
Redirect Chain

https://meherdewogoud.com/?z=6118780&syncedCookie=true&rhd=false
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780

921 B
1 KB

255ms
60ms

Document
text/html

49.51.78.191
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.78.191 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: 19cdebab8b0da50b49c00d27c3f185be4810d5ce83f5052e238f353a12ac5ea7

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://meherdewogoud.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 921
content-type: text/html; charset=utf-8
date: Thu, 19 Dec 2024 06:18:01 GMT
expires: Sun, 06 Nov 1994 08:49:37 GMT
p3p: CP="NOI CUR OUR NOR INT"
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow

Redirect headers

Location: https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893493963775025357&SUB_AFFID=6118780
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 204 favicon.ico
meherdewogoud.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meherdewogoud.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1967926
cf-ray: 8f4545d56dce099e-MIA
expires: Sun, 17 Dec 2034 06:17:59 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 06:17:59 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET click
track.wargaming-aff.com/ 0
0

GET
H/1.1

200
OK

Primary Request / Show response
join.worldoftanks.com/1600950461/en_us/
Redirect Chain

https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734589081103611&sub1=1108&sub2=6118780&sub3=
https://track.wg-aff.com/click?pid=45&offer_id=23&sub1=2443&sub2=114
https://trck.wargaming.net/q3y24x3t/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vg...

31 KB
8 KB

456ms
151ms

Document
text/html

92.223.51.163
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Requested by: Host: redwingshere.xyz
URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.223.51.163 Luxembourg, Luxembourg, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 041a9050cb0213de1833527b3d55a46d88e7129a299fd37bdd117f22af5be6fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 19 Dec 2024 06:18:03 GMT
ETag: W/"671790c4-7dc6"
Last-Modified: Tue, 22 Oct 2024 11:47:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 22
Content-Type: text/plain; charset=utf-8
Date: Thu, 19 Dec 2024 06:18:03 GMT
Location: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Server: nginx

GET
H2 200 css
fonts.googleapis.com/ 417 KB
107 KB 233ms
95ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+KR:400,700|Noto+Sans+JP:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93ad8af6d0630fafb3551b54095353144548f6a2b06beccc55703d5afdae792c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 06:18:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 19 Dec 2024 04:48:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 vendors~app.a6ba7bbd.js Show response
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 185 KB
62 KB 134ms
42ms Script
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/vendors~app.a6ba7bbd.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 8052241fe12c5981a448f5f3b3cc29533dfaf04d464084dc0fd90c931e4eea13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
content-encoding: gzip
etag: W/"671790c4-2e55a"
age: 723386
traceparent: 00-1168e9a7fb574eb36a5462fae5ff8856-4c3b376755b7d26a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-10T21:21:37+00:00
vary: Accept-Encoding

GET
H2 200 app.1afdea26.css
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 40 KB
7 KB 122ms
31ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/app.1afdea26.css
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ce19047cdde0a0c8762adf3d8f450569b7c536550f75b28571cccb6a397e50c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
content-encoding: gzip
etag: W/"671790c4-9ec2"
age: 1323782
traceparent: 00-9e21c7ccc6e4ad74ea92c78c77effd1c-6e1a48742b258aa1-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-03T22:35:01+00:00
vary: Accept-Encoding

GET
H2 200 app.41cb52fe.js Show response
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 96 KB
22 KB 125ms
34ms Script
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/app.41cb52fe.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 59d32ad39544a1e9509670ba52a1cde4e48a445e782d234ab71984b76449dd79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
content-encoding: gzip
etag: W/"671790c4-17ec1"
age: 836884
traceparent: 00-c722e86ce394e7d1fa8adffd6ce3b699-bdcba3987225c78a-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-09T13:49:59+00:00
vary: Accept-Encoding

GET
H2 200 a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ 364 KB
365 KB 159ms
68ms Image
image/jpeg 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
etag: "5f6c82ac-5b11c"
age: 15703770
traceparent: 00-8bedb656b13a96d1b4d9c52a1afc0e18-b98767d8b84ff35e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 373020
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: image/jpeg
last-modified: Thu, 24 Sep 2020 11:27:40 GMT
server: nginx
x-cached-since: 2024-06-20T12:08:33+00:00

GET
H2 200 04b0ba212e17098cc7786c56bca5d832_1600946934.png
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ 7 KB
7 KB 188ms
98ms Image
image/png 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
etag: "5f6c82f6-1a06"
age: 15703770
traceparent: 00-4b79bd1d6b1c2f01088f6f122adb98ae-130e9c74407fb14c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6662
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: image/png
last-modified: Thu, 24 Sep 2020 11:28:54 GMT
server: nginx
x-cached-since: 2024-06-20T12:08:33+00:00

GET
H2 200 9a3147f7202207fd86f303867669af7c_1600947283.png
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ 2 KB
2 KB 96ms
38ms Image
image/png 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/9a3147f7202207fd86f303867669af7c_1600947283.png
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
etag: "5f6c8453-624"
age: 15703770
traceparent: 00-805c24ed8241734c58b3205286e6a526-d6cde72b947e1c9c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1572
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: image/png
last-modified: Thu, 24 Sep 2020 11:34:43 GMT
server: nginx
x-cached-since: 2024-06-20T12:08:33+00:00

GET
H2 200 75eec5a819fd971e63a55c466a36211c_1680441088.png
lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/ 28 KB
29 KB 74ms
70ms Image
image/png 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/75eec5a819fd971e63a55c466a36211c_1680441088.png
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
etag: "64297f00-7186"
age: 15703770
traceparent: 00-7f0ce65a0c13af193c012e728e12aeae-1b35817f2a495610-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29062
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: image/png
last-modified: Sun, 02 Apr 2023 13:11:28 GMT
server: nginx
x-cached-since: 2024-06-20T12:08:33+00:00

GET
H2 200 adc7b861314b6562f2e467f49b1b26b1_1729597490.jpg
lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/ 21 KB
21 KB 73ms
70ms Image
image/jpeg 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/adc7b861314b6562f2e467f49b1b26b1_1729597490.jpg
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 277608d596f10979339f990d6b88f190fd4619f524271684f67d8f78f449ceb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
etag: "67179032-5383"
age: 4990439
traceparent: 00-6c503e9da1aee338b84ac5c5c0311c3e-ea21959385634ff5-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21379
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2024 11:44:50 GMT
server: nginx
x-cached-since: 2024-10-22T12:04:04+00:00

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/ 33 KB
5 KB 130ms
62ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4685e65a52d104ef09632bd35e0c65d2e9fc5382e31def5a53911083ef6827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: IX9wlXLoZWHZCO+W52HYgQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA4C51DE7FA06
age: 69591
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 20 Dec 2024 06:18:03 GMT
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 11:56:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 0be269a5-601e-0053-7a4c-268f85000000
cf-ray: 8f4545ed3c1780ca-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4703
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 113ms
45ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1DE4B7A34202
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 72641
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 15:17:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1138e44e-a01e-0067-6135-50202d000000
cf-ray: 8f4545ed3c1580ca-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 632 KB
166 KB 220ms
77ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58QVDL8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

270e5109cc9c9fa595f86db6d6c56e511e27336c9f4f5d6ad81a604f952589f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 19 Dec 2024 06:18:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 169128
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 eval.js
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 0
304 B 74ms
71ms Other
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/eval.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
etag: "671790c4-b1"
age: 109540
traceparent: 00-6fadc07a6e3c8d623d6e8ffd694446b0-a58423066f271863-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 177
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-17T23:52:23+00:00

GET
H2 200 riddler.js
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 0
5 KB 72ms
69ms Other
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/riddler.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
content-encoding: gzip
etag: W/"671790c4-4391"
age: 3271414
traceparent: 00-77aa780f15faa998069ebc39ca0129ae-95b80c8b5b67c55c-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-11-11T09:34:29+00:00
vary: Accept-Encoding

GET
H2 200 sha3.js
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 0
2 KB 72ms
68ms Other
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/sha3.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc14
content-encoding: gzip
etag: W/"671790c4-1704"
age: 1293813
traceparent: 00-e1a495e288f856eeb64d96e88a34b853-299357c9b6f91552-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-04T06:54:30+00:00
vary: Accept-Encoding

GET
H2 206 WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ 7 MB
7 MB 119ms
36ms Media
video/webm 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 333a1356229544852de21506199e090e01791081b4b32e3a5d7864506a07eeb9

Request headers

Referer: https://join.worldoftanks.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache: HIT
cache-control: max-age=290304000, public
x-id: mi1-hw-edge-gc29
etag: "752911-583e06c461b00"
age: 15703703
Content-Range: bytes 0-7678224/7678225
traceparent: 00-0d5d2af621ee0486215a413fec0b224f-ad1937a554d508ea-01
expires: Fri, 20 Jun 2025 12:09:40 GMT
Content-Length: 7678225
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: video/webm
last-modified: Tue, 12 Mar 2019 07:13:16 GMT
server: nginx
x-cached-since: 2024-06-20T12:09:40+00:00

GET
H2 200 393e4538-8874-4e85-b1b1-120b3ea5be28.json Show response
cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/ 10 KB
4 KB 111ms
46ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/393e4538-8874-4e85-b1b1-120b3ea5be28.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9913f3fb52dd7a2168336c13c57e85bbe11a40b30dbd8a8dd6e6d615edd390b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: H3nzD0EH/+Y7U1WK5PMMuA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA4C51E2C30D6
age: 75308
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 20 Dec 2024 06:18:03 GMT
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/json
last-modified: Mon, 15 Jul 2024 11:56:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 4b6dcba2-101e-00fd-244c-26ace8000000
cf-ray: 8f4545edfe658d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3704
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 120ms
51ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://join.worldoftanks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8f4545eea90ba689-MIA
access-control-allow-origin: *
date: Thu, 19 Dec 2024 06:18:03 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 132ms
61ms Font
font/woff2 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR:400,700|Noto+Sans+JP:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://join.worldoftanks.com
Referer: https://fonts.googleapis.com/

Response headers

age: 522684
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 05:06:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 05:06:40 GMT
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51404
x-xss-protection: 0
server: sffe

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 451 KB
110 KB 50ms
49ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: 7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56F667161
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 79789
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:20:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5bc25b51-101e-0031-4bd5-2cc85d000000
cf-ray: 8f4545ef3fdf80ca-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112027
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 302 KB
102 KB 80ms
79ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1006839708&l=dataLayer&cx=c&gtm=45He4cc1v831514219za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QVDL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d835258fc97716403f2edf07c91b601fedc1de2b93d58fcad8629b08844b2f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 19 Dec 2024 06:18:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104250
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 349 KB
112 KB 97ms
97ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZLQ&l=dataLayer&gtm=45He4cc1v831514219za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QVDL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ab8aa4cb7a0a34210b0ac496a665ed6454cd09438c7945240699aa593981039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 19 Dec 2024 06:18:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 114203
x-xss-protection: 0
server: Google Tag Manager

GET
H2 204 kuynu347n2 Show response
www.clarity.ms/tag/ 0
162 B 275ms
64ms Script
text/plain 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kuynu347n2?ref=gtm2
Requested by: Host: redwingshere.xyz
URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-cache: CONFIG_NOCACHE
date: Thu, 19 Dec 2024 06:18:04 GMT
x-azure-ref: 20241219T061804Z-1866b6b58d992pmfhC1BN1n8q40000000rm0000000004gew

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/019077bf-40d8-7aa4-9e76-fcfa000e7db4/ 92 KB
19 KB 52ms
51ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/019077bf-40d8-7aa4-9e76-fcfa000e7db4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbd0a0a1a9b84052f2a421eb1ee0e45497c0abcceccd20058848451331ed0d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: ntdtk7ZpK+7DmEEo17XI2w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA4C51F473A05
age: 73567
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 20 Dec 2024 06:18:04 GMT
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/json
last-modified: Mon, 15 Jul 2024 11:56:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: d583efdd-301e-002d-6b4c-26104a000000
cf-ray: 8f4545f06fc68d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19719
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK collect.js Show response
tenor.wargaming.net/assets/device/static/ 15 KB
6 KB 493ms
160ms Script
application/javascript 92.223.21.23
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://tenor.wargaming.net/assets/device/static/collect.js
Requested by: Host: redwingshere.xyz
URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.223.21.23 Luxembourg, Luxembourg, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: openresty /
Resource Hash: 43f6b825bd0ac679683125f2247d28d6f00e4ff85934b37ae7a5e459cd476c8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"6710c25f-3ac2"
Connection: keep-alive
Keep-Alive: timeout=200
Date: Thu, 19 Dec 2024 06:18:04 GMT
Last-Modified: Thu, 17 Oct 2024 07:53:03 GMT
Content-Type: application/javascript
Vary: Accept-Encoding, Accept-Encoding
Server: openresty

POST
H3 200 collect
www.google.com/ccm/ 0
0 203ms
79ms Ping
text/plain 142.251.32.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fjoin.worldoftanks.com%2F1600950461%2Fen_us%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1032880518.1734589084&dt=World%20of%20Tanks%E2%80%94Free-to-Play%20Tank%20Action%20MMO.%20Download%20now%20and%20play%20for%20free!&auid=230534176.1734589084&navt=n&npa=0&gtm=45He4cc1v831514219za200&gcs=G111&gcd=13v3v3v3v5l1&dma=0&tag_exp=101509156~101925629~102067555~102067808~102081485~102198178&tft=1734589084292&tfd=2720&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QVDL8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 13 KB
3 KB 45ms
42ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56B3084E2
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 65526
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8ed4f560-001e-00c0-662b-3119ce000000
cf-ray: 8f4545f0f8258d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 62 KB
13 KB 46ms
44ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56C7CC8BB
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 67536
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f7d4113c-101e-007e-53a9-290c45000000
cf-ray: 8f4545f0f8268d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 24 KB
4 KB 43ms
41ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 78619
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:20:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f061d5f4-501e-00f1-73ee-454219000000
cf-ray: 8f4545f0f8288d96-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 8B6E 0
0 189ms
62ms Document
text/html 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fjoin.worldoftanks.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QVDL8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 493435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Dec 2024 13:14:09 GMT
expires: Sat, 13 Dec 2025 13:14:09 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/019077bf-40d8-7aa4-9e76-fcfa000e7db4/ 92 KB
0 0ms
0ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/019077bf-40d8-7aa4-9e76-fcfa000e7db4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbd0a0a1a9b84052f2a421eb1ee0e45497c0abcceccd20058848451331ed0d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: ntdtk7ZpK+7DmEEo17XI2w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA4C51F473A05
age: 73567
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 20 Dec 2024 06:18:04 GMT
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/json
last-modified: Mon, 15 Jul 2024 11:56:12 GMT
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: d583efdd-301e-002d-6b4c-26104a000000
cf-ray: 8f4545f06fc68d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19719
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/ 5 KB
3 KB 211ms
81ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006839708/?random=1734589084345&cv=11&fst=1734589084345&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v877323342z8831514219za201zb831514219&gcd=13v3v3v3v5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fjoin.worldoftanks.com%2F1600950461%2Fen_us%2F%3Ft%3D1%26pub_id%3D45%26xid%3D6763ba9a4a4db000015eeae1%26xid_param1%3D2443%26xid_param_2%3D114%26sid%3DSIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh%26enctid%3Dd6fgifza5c76%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D0%26teclient%3D1734589083038485360%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dq3y24x3t%26utm_content%3D45&hn=www.googleadservices.com&frm=0&tiba=World%20of%20Tanks%E2%80%94Free-to-Play%20Tank%20Action%20MMO.%20Download%20now%20and%20play%20for%20free!&npa=0&pscdl=noapi&auid=230534176.1734589084&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1006839708&l=dataLayer&cx=c&gtm=45He4cc1v831514219za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

be918c830ef7030f84ddd1427e58f07f52d2f6cdfec5d1996d2bffcd16b74e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2667
date: Thu, 19 Dec 2024 06:18:04 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1006839708
td.doubleclick.net/td/rul/ Frame 471D 0
0 220ms
85ms Document
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1006839708?random=1734589084345&cv=11&fst=1734589084345&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v877323342z8831514219za201zb831514219&gcd=13v3v3v3v5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fjoin.worldoftanks.com%2F1600950461%2Fen_us%2F%3Ft%3D1%26pub_id%3D45%26xid%3D6763ba9a4a4db000015eeae1%26xid_param1%3D2443%26xid_param_2%3D114%26sid%3DSIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh%26enctid%3Dd6fgifza5c76%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D0%26teclient%3D1734589083038485360%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dq3y24x3t%26utm_content%3D45&hn=www.googleadservices.com&frm=0&tiba=World%20of%20Tanks%E2%80%94Free-to-Play%20Tank%20Action%20MMO.%20Download%20now%20and%20play%20for%20free!&npa=0&pscdl=noapi&auid=230534176.1734589084&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1006839708&l=dataLayer&cx=c&gtm=45He4cc1v831514219za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://join.worldoftanks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 610
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Dec 2024 06:18:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 13 KB
0 0ms
0ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: sHJXWIgDpMKY35PyRRy4zQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56B3084E2
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 65526
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:54 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8ed4f560-001e-00c0-662b-3119ce000000
cf-ray: 8f4545f0f8258d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 62 KB
0 2ms
2ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: LtDYZmcfPNW39lMw/Yu0RQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56C7CC8BB
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 67536
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 22:19:56 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f7d4113c-101e-007e-53a9-290c45000000
cf-ray: 8f4545f0f8268d96-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 24 KB
0 2ms
2ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 78619
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:20:07 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f061d5f4-501e-00f1-73ee-454219000000
cf-ray: 8f4545f0f8288d96-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 42ms
41ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 68297
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: image/svg+xml
last-modified: Mon, 16 Dec 2024 15:17:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 542ffbaa-b01e-0015-3944-505113000000
cf-ray: 8f4545f1d88a8d96-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 wot-logo@2x.png
cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/cfdc5e93-6a6e-445b-bc35-e6447be571d5/5b368339-3dd4-4a3d-b195-427484633d8d/ 3 KB
3 KB 43ms
41ms Image
image/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/cfdc5e93-6a6e-445b-bc35-e6447be571d5/5b368339-3dd4-4a3d-b195-427484633d8d/wot-logo@2x.png

Requested by

Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45c9dbace7b7998f7759fcac9212c9bbfc7caf99e8def9e241b6b3520e1b58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: +PhRFNskrq6Bstg4GxgQlA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DC1E77D7E73D92
age: 64367
cf-cache-status: HIT
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: image/png
last-modified: Fri, 26 Jan 2024 14:05:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 9e9daec9-301e-008b-1728-b6fab7000000
cf-ray: 8f4545f1ed7280ca-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3322
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 40ms
38ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 67257
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: image/svg+xml
last-modified: Mon, 16 Dec 2024 15:17:15 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 227f14eb-001e-0007-5a80-50650f000000
cf-ray: 8f4545f1ed7380ca-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK / Show response
join.worldoftanks.com/1600950461/en_us/ 31 KB
8 KB 149ms
147ms XHR
text/html 92.223.51.163
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Requested by: Host: redwingshere.xyz
URL: https://redwingshere.xyz/go/8286/3?subid2={hostId}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.223.51.163 Luxembourg, Luxembourg, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 041a9050cb0213de1833527b3d55a46d88e7129a299fd37bdd117f22af5be6fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"671790c4-7dc6"
Connection: keep-alive
Date: Thu, 19 Dec 2024 06:18:04 GMT
Content-Type: text/html
Last-Modified: Tue, 22 Oct 2024 11:47:16 GMT
Server: nginx
Vary: Accept-Encoding

GET

;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=q3y24x3t;u6=1734589083038485360;u7=undefined;match_id=1734589083038485360;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
adservice.google.com/ddm/fls/z/src=9547698;dc_pre=COGU7PGXs4oDFZQ20AQdOXsXEQ;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9547698;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=q...
https://ad.doubleclick.net/ddm/activity/src=9547698;dc_pre=COGU7PGXs4oDFZQ20AQdOXsXEQ;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20...
https://adservice.google.com/ddm/fls/z/src=9547698;dc_pre=COGU7PGXs4oDFZQ20AQdOXsXEQ;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20L...

0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1006839708/ 42 B
64 B 81ms
81ms Image
image/gif 142.251.32.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1006839708/?random=1734589084345&cv=11&fst=1734588000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v877323342z8831514219za201zb831514219&gcd=13v3v3v3v5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fjoin.worldoftanks.com%2F1600950461%2Fen_us%2F%3Ft%3D1%26pub_id%3D45%26xid%3D6763ba9a4a4db000015eeae1%26xid_param1%3D2443%26xid_param_2%3D114%26sid%3DSIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh%26enctid%3Dd6fgifza5c76%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D0%26teclient%3D1734589083038485360%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dq3y24x3t%26utm_content%3D45&hn=www.googleadservices.com&frm=0&tiba=World%20of%20Tanks%E2%80%94Free-to-Play%20Tank%20Action%20MMO.%20Download%20now%20and%20play%20for%20free!&npa=0&pscdl=noapi&auid=230534176.1734589084&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dfKpfKudnf8ckZ7ZuN9DqwUd_Ze1jKg&random=3049638045&rmt_tld=0&ipr=y

Requested by

Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Dec 2024 06:18:04 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
0 0ms
0ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 68297
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 06:18:04 GMT
content-type: image/svg+xml
last-modified: Mon, 16 Dec 2024 15:17:14 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 542ffbaa-b01e-0015-3944-505113000000
cf-ray: 8f4545f1d88a8d96-MIA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0745a0ed7ee4a4b87092a86cd94d44825e1f096efffbac0041aca3c01a0de04b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST cf
tenor.wargaming.net/ 0
0

OPTIONS cf
tenor.wargaming.net/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.wargaming-aff.com
URL: https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734589081103611&sub1=1108&sub2=6118780&sub3=

Domain: adservice.google.com
URL: https://adservice.google.com/ddm/fls/z/src=9547698;dc_pre=COGU7PGXs4oDFZQ20AQdOXsXEQ;type=acqpa0;cat=wotco00;u2=https://join.worldoftanks.com/1600950461/en_us/;u3=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691;u4=affiliate;u5=q3y24x3t;u6=1734589083038485360;u7=undefined;match_id=1734589083038485360;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1623914361

Domain: tenor.wargaming.net
URL: https://tenor.wargaming.net/cf

Domain: tenor.wargaming.net
URL: https://tenor.wargaming.net/cf

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redwingshere.xyz/	1970-01-21 01:50:52	Name: mobitck Value: 1
my.rtmark.net/	1970-01-21 10:35:25	Name: ID Value: 0081377f688e48d3f0b2b298c0146a5b
meherdewogoud.com/	1970-01-21 10:35:25	Name: oaidts Value: 1734589080
meherdewogoud.com/	1970-01-21 10:35:25	Name: OAID Value: 0081377f688e48d3f0b2b298c0146a5b
meherdewogoud.com/	1970-01-21 01:59:53	Name: syncedCookie Value: true
track.wg-aff.com/	1970-01-21 10:35:25	Name: afclick Value: 6763ba9a4a4db000015eeae1
track.wg-aff.com/	1970-01-21 10:35:25	Name: afoffers Value: {"23":1734589082}
.wargaming.net/	1970-01-21 02:33:01	Name: STIDREFERRAL Value: SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh
.wargaming.net/	1970-01-21 02:33:01	Name: enctid Value: d6fgifza5c76
.wargaming.net/	1970-01-21 11:25:49	Name: teclient Value: 1734589083038485360
.worldoftanks.com/	1970-01-21 03:59:25	Name: _gcl_au Value: 1.1.230534176.1734589084
.join.worldoftanks.com/	1970-01-21 10:35:25	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Dec+18+2024+20%3A18%3A04+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=32d865d7-6519-42fc-8c77-3d17d052d687&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fjoin.worldoftanks.com%2F1600950461%2Fen_us%2F%3Ft%3D1%26pub_id%3D45%26xid%3D6763ba9a4a4db000015eeae1%26xid_param1%3D2443%26xid_param_2%3D114%26sid%3DSIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh%26enctid%3Dd6fgifza5c76%26lpsn%3DWOT%2520ONGOING%2520WW%2520Videoback%2520LMS%2520WOTHQ-1691%26foris%3D0%26teclient%3D1734589083038485360%26utm_source%3Dwlap%26utm_medium%3Daffiliate%26utm_campaign%3Dq3y24x3t%26utm_content%3D45&groups=C0001%3A1%2CC0003%3A1%2CC0005%3A1%2CC0004%3A1%2CC0002%3A1
.doubleclick.net/	1970-01-21 11:25:49	Name: IDE Value: AHWqTUnW_K0w4ao-zxGEEoI9LdjeqDR2AxTA6CopTCHaTrmeOMjdlrJ1NX5iIkgs_PA
.doubleclick.net/	1970-01-21 02:33:01	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 06:09:01	Name: receive-cookie-deprecation Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://meherdewogoud.com/4/7482447?var=8286_%7BhostId%7D&ymid=15fpciscg00g2 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00E4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/afu.php?zoneid=7482447&var=7482447&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0E01DE4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/4/6118780?var=7482447&btz=Pacific/Honolulu&bto=600&bar=x(Line 81) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00E4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://meherdewogoud.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0E01DE4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763ba9a4a4db000015eeae1&xid_param1=2443&xid_param_2=114&sid=SIDkR44gmQnHcpj1zPOnON6qTxUyzNq-6JtvaeeXIMYiiPBx78XuDsjzwkyV0zDVXo5-vgaWl05-e_5BH_wE4jOyt_UW15L0ylvZ5Pl3mFG0qcotw8hVpE8_fGwZLBe39Tt5N-3WqzaLawh&enctid=d6fgifza5c76&lpsn=WOT%20ONGOING%20WW%20Videoback%20LMS%20WOTHQ-1691&foris=0&teclient=1734589083038485360&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0E01DE4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28909310-28255-ex.hydramaterrep.com
adservice.google.com
cdn.cookielaw.org
cdn2wotcom.gcdn.co
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
join.worldoftanks.com
lms-static.wgcdn.co
meherdewogoud.com
my.rtmark.net
paychat.fuse-cloud.com
redwingshere.xyz
td.doubleclick.net
tenor.wargaming.net
track.wargaming-aff.com
track.wg-aff.com
trck.wargaming.net
www.clarity.ms
www.google.com
www.googletagmanager.com
adservice.google.com
tenor.wargaming.net
track.wargaming-aff.com
104.18.22.222
142.250.176.195
142.250.65.194
142.251.32.100
172.67.169.157
2606:4700:4400::6812:2089
2606:4700::6812:562a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81f::2002
2620:1ec:29:1::40
2a03:90c0:81:2102::230
2a03:90c0:9996::9996
35.204.100.195
35.204.130.99
45.13.225.41
49.51.78.191
88.208.22.3
92.223.21.23
92.223.51.163
041a9050cb0213de1833527b3d55a46d88e7129a299fd37bdd117f22af5be6fb
0745a0ed7ee4a4b87092a86cd94d44825e1f096efffbac0041aca3c01a0de04b
07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a
0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015
19cdebab8b0da50b49c00d27c3f185be4810d5ce83f5052e238f353a12ac5ea7
270e5109cc9c9fa595f86db6d6c56e511e27336c9f4f5d6ad81a604f952589f4
277608d596f10979339f990d6b88f190fd4619f524271684f67d8f78f449ceb4
3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967
333a1356229544852de21506199e090e01791081b4b32e3a5d7864506a07eeb9
43f6b825bd0ac679683125f2247d28d6f00e4ff85934b37ae7a5e459cd476c8f
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
59d32ad39544a1e9509670ba52a1cde4e48a445e782d234ab71984b76449dd79
5ce762ed6405e24fc41de0ca14865a3f634da785c531f9ee70b8d0bc7425ac41
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ab8aa4cb7a0a34210b0ac496a665ed6454cd09438c7945240699aa593981039
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
8052241fe12c5981a448f5f3b3cc29533dfaf04d464084dc0fd90c931e4eea13
93ad8af6d0630fafb3551b54095353144548f6a2b06beccc55703d5afdae792c
9913f3fb52dd7a2168336c13c57e85bbe11a40b30dbd8a8dd6e6d615edd390b8
9f4685e65a52d104ef09632bd35e0c65d2e9fc5382e31def5a53911083ef6827
a6c0439d38349563c61e19608822e8280093fc260d0be172f3c12a05e06797c7
be918c830ef7030f84ddd1427e58f07f52d2f6cdfec5d1996d2bffcd16b74e04
c45c9dbace7b7998f7759fcac9212c9bbfc7caf99e8def9e241b6b3520e1b58a
c8c70bd09be780c91afd1e70512bccf4787003f3de76cf2ed8f7d45fa6356e1e
ce19047cdde0a0c8762adf3d8f450569b7c536550f75b28571cccb6a397e50c0
d835258fc97716403f2edf07c91b601fedc1de2b93d58fcad8629b08844b2f50
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
dbd0a0a1a9b84052f2a421eb1ee0e45497c0abcceccd20058848451331ed0d4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2

join.worldoftanks.com Open in urlscan Pro 92.223.51.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

94 %HTTPS

40 %IPv6

19 Domains

22 Subdomains

17 IPs

5 Countries

8796 kBTransfer

11043 kBSize

15 Cookies

10 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

join.worldoftanks.com Open in urlscan Pro
92.223.51.163 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

94 %
HTTPS

40 %
IPv6

19
Domains

22
Subdomains

17
IPs

5
Countries

8796 kB
Transfer

11043 kB
Size

15
Cookies

64 HTTP transactions
1 data transactions